CEP Magazine – February 2023
This month’s column is devoted to the idea of “testing out” of compliance training, a topic I addressed in my opening comments at the Compliance & Ethics Institute in October, but in a clumsy manner. I think I came across as suggesting that testing out is never a good idea, which was not my intent. Thanks to a couple of you who pointed this out to me.
The idea of testing out of training—so people with a solid understanding of the concepts are spared the time required to sit through a lengthy training—is quite practical. But I also like to look at things through the lens of government enforcement. And explaining in the aftermath of a compliance failure that we didn’t make people attend training because they already knew the material is not something anyone should look forward to.
In discussing this with a few experienced compliance officers, one alternative of “testing up” has emerged. The idea is if someone passes a test, they can skip a planned compliance training and will instead graduate to another training—perhaps a more advanced coverage of the same or similar topic, or perhaps another valuable compliance topic altogether.
Another idea for testing out is that the test itself should be rigorous enough to truly assess comprehension. This might be more extensive than the test given after a training program, which often aims to determine some level of comprehension but also to simply make sure someone sat through the entire thing. It’s a different approach to testing than one administered immediately after attending training.
Experiencing training on topics someone already knows well does have a positive impact: it reinforces and reminds us of key issues. This is because a test never covers the full extent of what is addressed in training. But requiring attendance every year when knowledge is retained well can be an inefficient use of time. So, I would be cautious of giving anyone a permanent waiver even if their knowledge level is high. Perhaps every few years they should still go through the basics.
When I think about it, each of these ideas is really just another example of tailoring a compliance program’s approach to managing risk based on a current and regularly updated consideration of the risk profile and environment. Just like the “one-size-fits-all” concept does not apply to the compliance program taken as a whole, it doesn’t apply to compliance training either.